Stars
Elastic Malware Benchmark for Empowering Researchers
Dump cookies and credentials directly from Chrome/Edge process memory
Python3 rewrite of AsOutsider features of AADInternals
Simple & Powerful PowerShell Script Obfuscator
Thread Stack Spoofing - PoC for an advanced in-memory evasion technique that better hides injected shellcode's memory allocation from scanners and analysts.
Enumerate and disable common sources of telemetry used by AV/EDR.
Dump lsass using only Native APIs by hand-crafting Minidump files (without MinidumpWriteDump!!!)
The Python Risk Identification Tool for generative AI (PyRIT) is an open access automation framework to empower security professionals and machine learning engineers to proactively find risks in th…
Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Manager tradecraft and associated defensive and hardening guidance.
Evilginx3 Phishlets version (0.2.3 & above) Only For Testing/Learning Purposes
Python version of the C# tool for "Shadow Credentials" attacks
Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web Services (ADWS).
FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.
BOF implementation of @_EthicalChaos_'s ThreadlessInject project. A novel process injection technique with no thread creation, released at BSides Cymru 2023.
Syscall Shellcode Loader (Work in Progress)
A modern 64-bit position independent implant template
An open-source self-hosted purple team management web application.
PurpleLab is an efficient and readily deployable lab solution, providing a swift setup for cybersecurity professionals to test detection rules, simulate logs, and undertake various security tasks,…
MultiDump is a post-exploitation tool for dumping and extracting LSASS memory discreetly.
Refactored & improved CredKing password spraying tool, uses FireProx APIs to rotate IP addresses, stay anonymous, and beat throttling
Source generator to add D/Invoke and indirect syscall methods to a C# project.
Chrome-extension implant that turns victim Chrome browsers into fully-functional HTTP proxies, allowing you to browse sites as your victims.